Amex account hacked
- 15079
- 159
-
- Last Comment
Today morning at 3:40 AM my Amex account got hacked and they changed email id and used card for online transactions of 3000+1500+1500+1500+1500 for total of 9000 Rs at ZAAKPAY-RETAIL SERVICES PG. Called customer care earlier and complained immediately, they blocked the card and told they will investigate further and all Transactions will get reversed. There are 3 cards registered online and only one card they used it, can anyone confirm if all above Transactions will get reversed and on how to restore my online password. Also is there any chance they will use my remaining cards.
I saw similar thread earlier but unable to find now, hence raised as new topic.
Update
Have raised it with stern message to Amex Fraud Prevention team
They will surely check with merchant & identify the culprits
I had no worries with transactions getting reversed or not billed as their CC is good in this case
My concern is alarming speed of misuse of card domestically like this
Some big racket under play
Guys just check your transaction history carefully, try to identify who can be culprit
Let’s not let loose it to save others from mishap
Are these being done through the ezeclick? We don’t require cvv or expiry date for it. Just the ezeclick id is sufficient. Also have come across this when tried to login to ezeclick portal. Attached pic.
Can a senior dimer throw some info on this!
My card was charged with 20,000 at zaakpay in one go that is too with OTP. So this ezeclick is not the issue.
Its not through ezeclick, i have charge card attached to it but no impact on that.
Seems a case of recent vulnerability in Apache Struts bug…. it is very hard to patch. I will share the link.
Guys check the link
=====
Exploit goes public for severe bug affecting high-impact sites
Banks, insurance companies, and Fortune 500 corporations take note: attack code has just gone public for a hard-to-patch vulnerability that hackers can exploit to take control of your website.
The critical vulnerability is located in Apache Struts 2, an open-source framework that large numbers of enterprise-grade organizations use to develop customer-facing Web applications. The bug, which has been active since 2008, allows end users to execute malicious code or commands by plugging maliciously modified data into search boxes or similar features hosted on the site.
Apache Struts maintainers released a patch on Tuesday. Unfortunately, installing the update is only the first step. Vulnerable sites must then use the new version to rebuild vulnerable Web apps and thoroughly test them before deploying them in their production sites. The process can be labor and time intensive. What’s more, the particular vulnerability this time may require developers to change the code that calls the Struts framework. Further complicating matters: many sites don’t always have a complete list of apps running on their sites, which makes finding out if they’re at risk harder.
In the meantime, code that exploits the vulnerability has been released through Metasploit, an open-source framework used by security professionals and hackers alike. Coming a day after the vulnerability was publicly disclosed, the release underscores the ease in developing exploit code. Malicious hackers may copy it verbatim or use it as a starting point to develop more refined attacks.
=====
Did this vulnerability / hack / Fraud happening only on Amex propriety cards or other Joint cards like Iconia , Icici amex too ??
So far only Amex propriety
Amex victims, please don’t lift calls that you may get fraudsters saying they are from Amex. Last night I got call from them asked for my details. I disconnected the call.and called Amex cc directly. They told that they won’t call customer after 8pm. Be aware and take care
What was number?
Don’t know whats going wrong with amex these days. Only thing that makes it even worse is.. I need to do some hotel bookings.. badly missing the Amex MMT offer. I have to wait for 15 working days to get new set of cards. And still 4 transactions left for this month for BMS voucher. Both offer expiring this month. 
+911244668000
+911244668000 Amex fraudsters number.
I think thats Amex CC number, not fraudsters. After fraud investigation, next day they call me from fraud investigation dept at 9 pm to delete my existing account and create a new one.
No , no one safe in April 17 i am also victim of 11470 fraud transaction on my sbi card, i had disputed this transaction but sbi given me shocking reply that if any transactions made in internationaly then no password, cvv, nor otp required and closed my dispute. However i am going to consumer forums
This is too much. Useless sbi. Better to not use sbi cards.
Hey guys,
Had the same thing happen to me at 3 am today. My email was changed to some rediffmail.com address and then 2 txns were made (1500 + 3000) at CCAvenue. For better or worse, I was almost near my credit limit (had a lot of one time expenses earlier this month) so no more txns were made. However all my points were redeemed as well! Points are the only reason I use Amex. The customer care immediately put a block on the card and told me to call on Monday, since their fraud detection team is available only on weekdays. The executive also reassured me that all fraudulent charges/point redemptions would be reversed. However, I am a bit skeptical (and tense, given that I have to wait for a couple of days to get this resolved).
Given your similarly unfortunate experiences, are these charges actually reverted? If yes, how difficult is it? Otherwise what is the escalation mechanism to get an authority like RBI involved so that this loophole might be rectified by Amex? Surely there is a gap somewhere in their process because a similar modus operandi seems to exist in all these cases.
same pattern with me…i only realized the reward point redemption thing when my 9k points did not get transferred automatically to my new card…in any case i had spoken to the fraud team person handling my case (21st aug) on monday and and she was so casual about it like sir we will collate the data analyze it and take action but it takes time blah blah…i told her very clearly that if amex does not at least put a block on email/mob no changes via website till they fix their shit i’m gonna stop using the card altogether because i had warned them about this happening to others almost 3 weeks back…i am dead sure that it was not a security lapse at my end…i’m just shocked at how much time it’s taking them to respond to the attack 
Not so far
some serious Loophole / Breach of security for AMEX cards it appears !!
Just for Update…. there is INTERNATIONAL TRANSACTION – Enable / Disable option for YES Bank Credit cards in Netbanking…
This is an Important feature…. easily done in HDFC & YES based on my experience….
I used sbi credit card for first time in amazon to purchase product ..after 15mins I got message Dear SBI Cardholder, Txn of Rs.1,500.00 on Card ending with XX2589 at PayTm Mobile Solutions on 21-09-17 has been declined. Pls call at 18601801290/39020202 for details.
It is safe to saved card details or should I delete it …
Please tell how to be safe from fraud transaction
My Amex card was again hacked today with 4 transactions of 1 lac , 50k, 25k and 10k … Surprisingly these transactions were taken within India and the merchant name received in the SMS was ANKUR HP CENTER. I immediately reported the fraud to Amex CC and blocked the card. Surprisingly the transactions were completed. When questioned abut, how did the merchant (HP petrol station in Patiala) did get the OTP, since RBI has mandated all the Online txn taken within INDIA to have 3rd Party authenication, the Amex fraud detection team had no answer. I have asked them to raise to the upper management and investigate. I will surely get them answer on how did the txn taken in india bypass the 3rd Party authentication layer inspite the RBI Mandate.
This is my 3rd Amex Card account fraud in less than 6 months… Surely some thing is fishy with Amex and since many of them have reported, that it could be a huge conspiracy by the Amex internal team itself.
Let’s Bajaao AMEX bro
They are taking it lightly & brushing it off by just blocking card & reissuing card
The Real Mischief needs to be brought out
Lets raise it to RBI
Response from Amex Team
Good morning.
You will be delighted to know that your account ending in xxxxx has already been credited with Rs.64,000.00 towards the fraudulent charges. Additionally, this Card has been cancelled to prevent further misuse.
All these adjustments have been done on your account on 21/09/17.
Now, let me take this opportunity to inform you that in case of fraudulent charges, certain procedures have to be followed. We cannot stop the charges from getting posted to the account and also, we cannot start the fraud process unless and untill the charges post to the account. The reason being, only after the payment has been made to the merchant do the charges post to the account and only then we can start the fraud proceedings.
If the merchant was not paid then the Card member is not liable for those charges in which case there can be no fraud case.
I hope you find the information reassuring and to your satisfaction.
If there is any other way I may be of assistance, please feel free to write to me.
Sincerely,
Email Servicing Team
American Express Customer Care
My amex was misused for 1500 today as someone changed my email ID to [email protected] . I reported to the amex fraud team and they told me that the amount will be reversed and a new card will be sent. How much time it will take for them to reverse the charge? How can we revert it to the old email ID?
Guys,
I got free AMEX Membership Rewards card in august and got a supplementary card as well along with it. Since then, I used it mostly online with AZ, FK freecharge, phonepe and paytm. Only one offline transaction that too at HP petrol Pump. Yesterday night, I got 7-8 smses regarding various transactions on the Card and also one sms that my email id has been changed. Immediately I called AMEX and requested to block the card. They accepted my request. However I was surprised by the reaction of their fraud prevention team who said they will contact me on Monday…
Anyway, the lady assured me that I will not face any losses due to fraudulent transaction. But what is worrying me most is that someone changed my email id in Amex Online Account. Is this due to some virus / hacked computer or is there any other way Amex online accoutn can be hacked if someone has your card detail
Regarding the card leaked details, I am becoming convinced that this may be due to HP Petrol Pump. Six months earlier, one of my HSBC card was also being used in fraudulent manner on international website. That time also I immediately called up and got my card blocked. They issued me a replacement card on which I didnot face any issue. I use 2 other cards from CITI and HDFC which never faced any problem. So the only thing common between HSBC and AMEX is HP Petrol Pump (as no surcharge applicable and I have been using same petrol pump for quite sometime). How they are hacking my cards, I have no idea since I am generally present while presenting the card for payment
~Checking with Dimers on:
1. Will I face any issue of liabilities for these fraudulent activities?
2. Amex Onlie account hacked due to some virus / hacked computer or is there any other way Amex online account can be hacked if someone has your card detail
3. Is it possible that guys at HP petrol Pump are getting my card details fraudulently
You are not the only victim. This is happening with many AMEX users.
Please refer to this thread: https://www.desidime.com/forums/dost-and-dimes/...
last month my card also got swiped on airbnb worth1$ after that i blocked that card n issued new one
Exactly similar modus operendi in all the frauds in this thread https://www.desidime.com/forums/dost-and-dimes/...
Seems like an inside job. Were you successful in getting any response from Amex on this fraud?
Amex is absconding
They haven’t yet come back with final version but I am not leaving them, sending reminders every week
Any thoughts of me applying for Amex are put to final rest now. Amex brand lost it’s value completely.
I applied for a rewards card last week, now I am wondering should I use it or not.
Transaction on my Amex card last night… same stuff as reported on this thread. 15k on zaakpay.
Can anyone inform what’s the process to be expected? They said they will call me in working hours (Amex)
Another problem is that there is a very large refund expected from Amazon on this credit card which can’t come now since they’ve blocked the card. What to do now? I Don’t want the refund in the form of Amazon pay
Call Amex and tell them. They will give refund in new card which they issue
My Icici amex card was also used today for transaction of 20k at amazon
Was it only for one transaction? What did you do about it then? Is the issue resolved?
My Amex card got hacked yesterday. Same modus operandi, changed mail id first and then after 5 minutes 5k amount transaction was initiated at CC Avenue. Have been using Citi and HDFC for 9 years and never have a single such kind of fraud. Definitely some one insider is involved. Lets see what Fraud team has to say to me when they call today 
I didn’t know why all are still using amex
Even after seeing this thread
Are Amex Co-branded Cards like ICICI Amex, IndusInd Iconia Amex also being hacked ??
51K is huge amount. @A2Zdeals what is your card limit?